- Support Forum
- Support Forum
- Knowledge Base
- Customer Service
- Customer Service
- Internal Article Nominations
- Internal Article Nominations
- FortiGate
- FortiGate
- FortiClient
- FortiADC
- FortiADC
- FortiAnalyzer
- FortiAIOps
- FortiAuthenticator
- FortiAnalyzer
- FortiAP
- FortiCare Services
- FortiAuthenticator
- FortiBridge
- FortiCASB
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiConverter
- FortiCASB
- FortiCNP
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDDoS
- FortiDLP
- FortiDB
- FortiDevice
- FortiDNS
- FortiDevSec
- FortiDLP
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiDevSec
- FortiInsight
- FortiDirector
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiExtender
- FortiPAM
- FortiGate Cloud
- FortiPortal
- FortiGuard
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiSIEM
- FortiSOAR
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiToken
- FortiProxy
- FortiVoice
- FortiRecorder
- FortiWAN
- FortiSandbox
- FortiWeb
- FortiSASE Sovereign
- FortiAppSec Cloud
- FortiSIEM
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiToken
- FortiVoice
- 4D Documents
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevice
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiSASE Sovereign
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Knowledge Base
- Customer Service
- Customer Service
- Internal Article Nominations
- Internal Article Nominations
- FortiGate
- FortiGate
- FortiClient
- FortiADC
- FortiADC
- FortiAnalyzer
- FortiAIOps
- FortiAuthenticator
- FortiAnalyzer
- FortiAP
- FortiCare Services
- FortiAuthenticator
- FortiBridge
- FortiCASB
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiConverter
- FortiCASB
- FortiCNP
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDDoS
- FortiDLP
- FortiDB
- FortiDevice
- FortiDNS
- FortiDevSec
- FortiDLP
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiDevSec
- FortiInsight
- FortiDirector
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiExtender
- FortiPAM
- FortiGate Cloud
- FortiPortal
- FortiGuard
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiSIEM
- FortiSOAR
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiToken
- FortiProxy
- FortiVoice
- FortiRecorder
- FortiWAN
- FortiSandbox
- FortiWeb
- FortiSASE Sovereign
- FortiAppSec Cloud
- FortiSIEM
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiToken
- FortiVoice
- 4D Documents
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevice
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiSASE Sovereign
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Agora
- Agora
- Engage Services
- Engage Services
- The EPSP Platform
- The ETSP Platform
- The ETSP Platform
- Finland
- FortiCare Service Development
- Finland
- FortiCare Service Development
- FortiGate-VM on AWS
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- FortiGate-VM on Azure
- Fortinet for SAP
- FortiGate-VM on AWS
- FortiSIEM
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- FortiSOAR
- FortiSIEM
- FortiSOAR
- KCS
- Lacework
- Super User
- Super User
- Agora
- Engage Services
- The EPSP Platform
- The ETSP Platform
- Finland
- FortiCare Service Development
- FortiGate-VM on Azure
- FortiGate-VM on AWS
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- Fortinet for SAP
- FortiSIEM
- FortiSOAR
- KCS
- Lacework
- Super User
- Agora
- Community Groups
- Agora
- Agora
- Engage Services
- Engage Services
- The EPSP Platform
- The ETSP Platform
- The ETSP Platform
- Finland
- FortiCare Service Development
- Finland
- FortiCare Service Development
- FortiGate-VM on AWS
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- FortiGate-VM on Azure
- Fortinet for SAP
- FortiGate-VM on AWS
- FortiSIEM
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- FortiSOAR
- FortiSIEM
- FortiSOAR
- KCS
- Lacework
- Super User
- Super User
- Agora
- Engage Services
- The EPSP Platform
- The ETSP Platform
- Finland
- FortiCare Service Development
- FortiGate-VM on Azure
- FortiGate-VM on AWS
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- Fortinet for SAP
- FortiSIEM
- FortiSOAR
- KCS
- Lacework
- Super User
- Agora
- Blogs
- Blogs
- Support Forum
- Knowledge Base
- Customer Service
- Customer Service
- Internal Article Nominations
- Internal Article Nominations
- FortiGate
- FortiGate
- FortiClient
- FortiADC
- FortiADC
- FortiAnalyzer
- FortiAIOps
- FortiAuthenticator
- FortiAnalyzer
- FortiAP
- FortiCare Services
- FortiAuthenticator
- FortiBridge
- FortiCASB
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiConverter
- FortiCASB
- FortiCNP
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDDoS
- FortiDLP
- FortiDB
- FortiDevice
- FortiDNS
- FortiDevSec
- FortiDLP
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiDevSec
- FortiInsight
- FortiDirector
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiExtender
- FortiPAM
- FortiGate Cloud
- FortiPortal
- FortiGuard
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiSIEM
- FortiSOAR
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiToken
- FortiProxy
- FortiVoice
- FortiRecorder
- FortiWAN
- FortiSandbox
- FortiWeb
- FortiSASE Sovereign
- FortiAppSec Cloud
- FortiSIEM
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiToken
- FortiVoice
- 4D Documents
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Internal Article Nominations
- FortiGate
- FortiClient
- FortiADC
- FortiAIOps
- FortiAnalyzer
- FortiAP
- FortiAuthenticator
- FortiBridge
- FortiCache
- FortiCare Services
- FortiCarrier
- FortiCASB
- FortiConverter
- FortiCNP
- FortiDAST
- FortiData
- FortiDDoS
- FortiDB
- FortiDNS
- FortiDLP
- FortiDeceptor
- FortiDevice
- FortiDevSec
- FortiDirector
- FortiEdgeCloud
- FortiEDR
- FortiEndpoint
- FortiExtender
- FortiGate Cloud
- FortiGuard
- FortiGuest
- FortiHypervisor
- FortiInsight
- FortiIsolator
- FortiMail
- FortiManager
- FortiMonitor
- FortiNAC
- FortiNAC-F
- FortiNDR (on-premise)
- FortiNDRCloud
- FortiPAM
- FortiPhish
- FortiPortal
- FortiPresence
- FortiProxy
- FortiRecon
- FortiRecorder
- FortiSRA
- FortiSandbox
- FortiSASE
- FortiSASE Sovereign
- FortiScan
- FortiSIEM
- FortiSOAR
- FortiSwitch
- FortiTester
- FortiToken
- FortiVoice
- FortiWAN
- FortiWeb
- FortiAppSec Cloud
- Lacework
- Wireless Controller
- RMA Information and Announcements
- FortiCloud Products
- ZTNA
- 4D Documents
- Customer Service
- Community Groups
- Agora
- Agora
- Engage Services
- Engage Services
- The EPSP Platform
- The ETSP Platform
- The ETSP Platform
- Finland
- FortiCare Service Development
- Finland
- FortiCare Service Development
- FortiGate-VM on AWS
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- FortiGate-VM on Azure
- Fortinet for SAP
- FortiGate-VM on AWS
- FortiSIEM
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- FortiSOAR
- FortiSIEM
- FortiSOAR
- KCS
- Lacework
- Super User
- Super User
- Agora
- Engage Services
- The EPSP Platform
- The ETSP Platform
- Finland
- FortiCare Service Development
- FortiGate-VM on Azure
- FortiGate-VM on AWS
- FortiGate CNF (All Marketplaces)
- FortiWeb Cloud (All Marketplaces)
- Fortinet for SAP
- FortiSIEM
- FortiSOAR
- KCS
- Lacework
- Super User
- Agora
- Blogs
FortiAnalyzer
FortiAnalyzer can receive logs and Windows host events directly from endpoints connected to EMS, and you can use FortiAnalyzer to analyze the logs and run reports.
- Fortinet Community
- Knowledge Base
- FortiAnalyzer
- Technical Tip: FortiAnalyzer auto create default h...
Options
- Subscribe to RSS Feed
- Mark as New
- Mark as Read
- Bookmark
- Subscribe
- Printer Friendly Page
- Report Inappropriate Content
Nur
Staff
Created on
11-17-2025
11:54 PM
Edited on
11-19-2025
02:38 AM
By
Jean-Philippe_P
Article Id
419422
| Description |
This article describes the issue when FortiAnalyzer has the custom event handler and the 'Automatically Create Incident' is enabled, and the default handler with 'Automatically Create Incident' disabled will auto-create an incident section.
|
| Scope | FortiAnalyzer v7.6. |
| Solution |
By default, incidents can be generated automatically by event handlers, even if no specific incidents have been manually enabled. This is due to the 'Automatically Create Incident' option being enabled by default for certain event handlers, such as those related to Outbreak Alerts. If an event handler triggers an alert, an incident is created automatically.
To ensure FortiAnalyzer does not auto-create the incident in the incident section, configure the behavior under the alert setting.
config system log alert get end |
Broad. Integrated. Automated.
The Fortinet Security Fabric brings together the concepts of convergence and consolidation to provide comprehensive cybersecurity protection for all users, devices, and applications and across all network edges.
Security Research
Company
News & Articles
Copyright 2025 Fortinet, Inc. All Rights Reserved.